I've attached a script to check for Lotus Sametime versions < 7.5.1,
which are vulnerable to cross-site scripting according to
CVE-2007-4142[1] and IBM Tech note #1266789[2] (Google cache[3]).
Note: I didn't have access to Sametime 7.5.1, so couldn't confirm if the
version test works correctly on that version. Tested with 7.0.
[1] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4142
[2] http://www-1.ibm.com/support/docview.wss?uid=swg21266789
[3]
http://www.google.com/search?q=cache:djW4v0Sn8ygJ:www-1.ibm.com/support/docview.wss%3Fuid%3Dswg21266789+http://www-1.ibm.com/support/docview.wss%3Fuid%3Dswg21266789&hl=en&ct=clnk&cd=1&gl=uk&client=firefox-a
Regards
--
Simon Ward
Operations Security Specialist, Westpoint Ltd
Albion Wharf, 19 Albion Street, Manchester M1 5LN, United Kingdom
Web: www.westpoint.ltd.uk
Tel: +44-161-2371028
which are vulnerable to cross-site scripting according to
CVE-2007-4142[1] and IBM Tech note #1266789[2] (Google cache[3]).
Note: I didn't have access to Sametime 7.5.1, so couldn't confirm if the
version test works correctly on that version. Tested with 7.0.
[1] http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4142
[2] http://www-1.ibm.com/support/docview.wss?uid=swg21266789
[3]
http://www.google.com/search?q=cache:djW4v0Sn8ygJ:www-1.ibm.com/support/docview.wss%3Fuid%3Dswg21266789+http://www-1.ibm.com/support/docview.wss%3Fuid%3Dswg21266789&hl=en&ct=clnk&cd=1&gl=uk&client=firefox-a
Regards
--
Simon Ward
Operations Security Specialist, Westpoint Ltd
Albion Wharf, 19 Albion Street, Manchester M1 5LN, United Kingdom
Web: www.westpoint.ltd.uk
Tel: +44-161-2371028
Attached Files:
-
sametime_7_5_1.nasl (1.54 KB)